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Hybrid  Diagnosis  with  Unknown  Behavioral  Modes 

Michael  W.  Hofbaur1  and  Brian  C.  Williams2 


Abstract.  A novel  capability  of  discrete  model-based  diagnosis 
methods  is  the  ability  to  handle  unknown  modes  where  no  assump- 
tion is  made  about  the  behavior  of  one  or  several  components  of  the 
system.  This  paper  incorporates  this  novel  capability  of  model-based 
diagnosis  into  a hybrid  estimation  scheme  by  calculating  partial  fil- 
ters. The  filters  are  based  on  causal  and  structural  analysis  of  the 
specified  components  and  their  interconnection  within  the  hybrid  au- 
tomaton model.  Incorporating  unknown  modes  provides  a robust  es- 
timation scheme  that  can  cope,  unlike  other  hybrid  estimation  and 
multi-model  estimation  schemes,  with  unmodeled  situations  and  par- 
tial information. 

1 Introduction 

Modern  technology  is  increasingly  leading  to  complex  artifacts  with 
high  demands  on  performance  and  availability.  As  a consequence, 
fault-tolerant  control  and  an  underlying  monitoring  and  diagno- 
sis capability  plays  an  important  role  in  achieving  these  require- 
ments. Monitoring  and  diagnosis  systems  that  build  upon  the  discrete 
model-based  reasoning  paradigm[8]  can  cope  well  with  complexity 
in  modern  artifacts.  As  an  example,  the  Livingstone  system[22]  suc- 
cessfully monitored  and  diagnosed  the  DS-1  space  probe  in  flight, 
a system  with  approximately  48u  modes  of  operation.  However,  a 
widespread  application  of  discrete  model-based  systems  is  hindered 
by  their  difficulty  to  reason  about  the  continuous  dynamics  of  an  ar- 
tifact in  a comprehensive  manner.  Continuous  behaviors  are  difficult 
to  capture  by  the  pure  qualitative  models  that  are  used  by  the  rea- 
soning engines.  Nevertheless,  additional  reasoning  in  terms  of  the 
continuous  dynamics  is  vital  for  detecting  functional  failures,  as  well 
as  low-level  incipient  (i.e  slowly  developing)  faults  and  subtle  com- 
ponent degradation. 

Hybrid  systems  theory  provides  a modeling  paradigm  that  inte- 
grates both,  continuous  state  evolution  and  discrete  mode  changes 
in  a comprehensive  manner.  Recent  work  in  hybrid  estimation[14, 
16,  24,  9]  attempts  to  overcome  the  shortcomings  of  discrete  model- 
based  diagnosis  cited  above  and  provides  schemes  that  integrate 
model-based  approaches  with  techniques  from  fault  detection  and 
isolation  (FDI)[23,  4]  and  multi-model  adaptive  filtering[13,  11,  10], 
The  hybrid  estimation  schemes,  as  well  as  their  FD1  and  multi-model 
filtering  ancestors,  work  well  whenever  the  underlying  model(s)  are 
’close’  mathematical  descriptions  of  the  physical  artifact.  They  can 
fail  severely  whenever  unforeseen  situations  occur.  Therefore,  it  is 
essential  to  provide  models  that  capture  the  entire  spectrum  of  possi- 
ble behaviors/modes  whenever  we  use  the  hybrid  estimate  for  closed 
loop  control,  for  instance.  Model-based  diagnosis,  in  contrast,  does 
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not  impose  such  a strong  modeling  assumption.  Its  concept  of  the 
unknown  mode  allows  diagnosis  of  systems  where  no  assumption  is 
made  about  the  behavior  of  one  or  several  components  of  the  sys- 
tem. In  this  way,  it  captures  unspecified  and  unforeseen  behaviors 
of  the  system  under  investigation.  This  paper  provides  an  approach 
to  incorporate  the  concept  of  an  unknown  mode  into  our  hybrid  es- 
timation scheme[9].  As  a result  we  obtain  an  estimation  capability 
that  can  detect  unforeseen  situations.  Furthermore,  it  allows  us  to 
continue  estimation  on  a degraded  basis.  We  achieve  this  by  causal 
analysis[  1 7,  20],  structural  analysis[7]  and  decomposition  of  the  sys- 
tem. 

This  paper  starts  with  a brief  introduction  to  our  hybrid  systems 
modeling  and  estimation  scheme.  Upon  this  foundation,  we  extend 
hybrid  estimation  to  incorporate  the  unknown  mode  and  demonstrate 
the  underlying  structural  analysis  and  decomposition  task.  Finally,  an 
experimental  evaluation  with  computer  simulated  data  for  a Martian 
live  support  system  demonstrates  the  advantages  of  this  extended  hy- 
brid estimation  scheme. 

2 Hybrid  Systems 

The  hybrid  automaton  model  used  throughout  this  paper  is  based  on 
[9]  and  can  be  seen  as  a model  that  merges  hidden  Markov  models 
(HMM)  with  continuous  discrete-time  dynamical  system  models  (we 
present  the  model  on  the  level  of  detail  sufficient  for  this  work  and 
refer  the  reader  to  the  reference  cited  above  for  more  detail). 

2.1  Concurrent  Hybrid  Automata 

Definition  1 A discrete-time  probabilistic  hybrid  automaton  (PHA) 
A is  described  as  a tuple  {x,  w,  F,  T,  Xd,  Ts): 

• x denotes  the  hybrid  state  variables  of  the  automaton3,  composed 
of  x = {xd}  U xc.  The  discrete  variable  Xd  denotes  the  mode 
of  the  automaton  and  has  finite  domain  Xd.  The  continuous  state 
variables  xc  capture  the  dynamic  evolution  of  the  automaton,  x 
denotes  the  hybrid  state  of  the  automaton,  while  xc  denotes  the 
continuous  state. 

• The  set  of  I/O  variables  w = u,j  U uc  U yc  of  the  automaton 
is  composed  of  disjoint  sets  of  discrete  input  variables  ud  (called 
command  variables),  continuous  input  variables  uc,  and  continu- 
ous output  variables  yc:. 

• F : Xd  — > Fde  U Fae  specifies  the  continuous  evolution  of  the 
automaton  in  terms  of  discrete-time  difference  equations  Fde  and 
algebraic  equations  Fae  for  each  mode  xd  € Xd.  Ts  denotes  the 
sampling  period  of  the  discrete-time  difference  equations. 

3 When  clear  from  context,  we  use  lowercase  bold  symbols,  such  as  v,  to 
denote  a set  of  variables  {t>i, . . . ,«j},  as  well  as  a vector  [t>i, . . . , u;]T 
with  components  c, . 


Consider  the  illustrative  cPHA  in  Fig.  1 with 


• The  finite  set,  T,  of  transitions  specifies  the  probabilistic  discrete 
evolution  of  the  automaton. 

Complex  systems  are  modeled  as  a composition  of  concurrently 
operating  PF1A  that  represent  the  individual  system  components.  A 
concurrent  probabilistic  hybrid  automata  (cPHA)  specifies  this  com- 
position as  well  as  its  interconnection  to  the  outside  world: 

Definition  2 A concurrent  probabilistic  hybrid  automaton  (cPHA) 
CA  is  described  as  a tuple  ( A , u,  yc,  v.s,  vD,  Nx,  Ny): 

• A = {Ai,  A2,  ■ ■ ■ , Ai}  denotes  the  finite  set  of  PHAs  that  repre- 
sent the  components  Ai  of  the  cPFlA  (we  denote  the  components 
of  a PHA  A,  by  Xdi,Xd,  u<k,  Uci,  yc«,  Ft,  Xu). 

• The  input  variables  u = UjU  utJ  of  the  automaton  consists  of  the 
sets  of  discrete  input  variables  ua  = uai  U . . . U u,«  (command 
variables)  and  continuous  input  variables  uc  C ucJ  U . . . U uc; . 

• The  output  variables  yc  C ycl  U . . . U y c specify  the  observed 
output  variables  of  the  cPHA. 

• The  observation  process  is  subject  to  additive,  zero  mean  Gaussian 
sensor  noise.  Ny  : Xd  — > ®ra  x m specifies  the  mode  dependent4 
disturbance  v„  in  terms  of  the  covariance  matrix  R = diag(n). 

• Nx  specifies  additive,  zero  mean  Gaussian  disturbances  that  act 
upon  the  continuous  state  variables  xc  = xci  U . . . U xcj.  Nx  : 
Xd  — > ]Rrlx  n specifies  the  mode  dependent  disturbance  vs  in 
terms  of  the  covariance  matrix  Q. 

Definition  3 The  hybrid  state  X(fc)  of  a cPHA  at  time-step  k spec- 
ifies the  mode  assignment  xd,(k)  of  the  mode  variables  xa  = 
{xdi,  ■ ■ ■ ,Xdi}  and  the  continuous  state  assignment  x,.  (fc)  of  the 
continuous  state  variables  x,  = xci  U...Uxc|. 

Interconnection  among  the  cPHA  components  Ai  is  achieved  via 
shared  continuous  I/O  variables  wc.  6 uc.iUy(;;  only.  Fig.  1 illustrates 
a simple  example  composed  of  3 PHAs. 

yc 

yc2 


Figure  1.  Example  cPHA  composed  of  three  PHAs 


A cPHA  specifies  a mode  dependent  discrete-time  model  for  a 
plant  with  command  inputs  ua,  continuous  inputs  uc,  continuous 
outputs  yc,  mode  xa,  continuous  state  variables  xc  and  additive,  zero 
mean  Gaussian  disturbances  vs,  vD.  The  discrete-time  evolution  of 
xc  and  yc  is  described  by  the  nonlinear  system  of  difference  equa- 
tions (sampling  period  Ts) 

Xc.(fc)  = f(fc)(xc,(fc-l),  Uc,(fc_ !)) 
y c,(fc)  = g(fc)(xc.(fc),  Uc.(fc))  + V0,(fc). 

The  functions  f(fc)  and  g(kj  are  obtained  by  symbolically  solving5 
the  set  of  equations  Fi(xdi.(k))  U . . . U Fi(xdi,(k))  given  the  mode 

xa,(fe)  = [*<n,(k)>  • • • i *<u,(fc)]  • 

4 E.g.  sensors  can  experience  different  magnitudes  of  disturbances  for  differ- 
ent modes. 

5 Our  symbolic  solver  restricts  the  algebraic  equations  and  nonlinear  func- 
tions to  ones  that  can  be  solved  explicitly  and  utilizes  a Grobner  Basis 
approach[3]  to  derive  a set  of  equations  of  form  ( 1 ). 


•Ai  = {{xai},  {«di,  «ci,  Wd})  F\,T\,  {mn,  77112}...) 

Ai  = {{xd2,Xci},{ud2,wci,yci},F2,T2,{m2i,m22}-) 

As  = {{Xd3,Xc2,Xc3},{Ud2,Ual,yal,yc2},F3,T3,{msi}:.). 

Fi,  Fi  and  F3  provide  for  a cPHA  mode  xd,(k)  = 
[mn,  tri2i,  rri3i]T  the  equations 

Fi(mn)  = {«ci  = 5.0  Wei} 

F2(m,2i)  = {xci ,(fc)  = 0.8  Xd,(fc-i)  + wci,(fc-i), 

2/d  = atcl}  (2) 

F3(m3i)  = {xc2,(fc)  = *c3,(fc-i)  + 2/ci,(fe-i)i 

xcs ,(fe)  = 0.4  a:c2,(fc-i)  + 0.5  Mci,(fc-i), 
yc2  = 2.0  xc2  + ®c3}- 

This  leads  to  the  discrete-time  model: 

xci,(k)  = 0.8  a :cl,(fc_D  + 0.2  wci,(fe_i)  + t/si,(*_i) 

Xc2.{k)  = atd.(fe-l)  +®c3,(fc-l)  +Vs2,(fc-1) 

xC3 ,(k)  = 0.4  a:C2,(fe-i)  + 0.5  Mci,(fe-i)  + t/s3,(fc-i)  (3) 

2/cl ,(fe)  = xcl  ,(fc)  + vol,(k) 

Uc2,(k)  = 2-0  xc.2,(k)  + xc3 ,(fc)  + vo2 ,(fc) 


2.2  Estimation  of  Hybrid  Systems 

To  detect  the  onset  of  subtle  failures,  it  is  essential  that  a monitoring 
and  diagnosis  system  is  able  to  accurately  extract  the  hybrid  state  of 
a system  from  a signal  that  may  be  hidden  among  disturbances,  such 
as  measurement  noise.  This  is  the  role  of  a hybrid  observer.  More 
precisely: 

Hybrid  Estimation  Problem:  Given  a cPHA  CA,  a sequences 
of  observations  (yc,(o)  > Yc,(i) , • • • , y c,(fc)}  and  control  inputs 
{u(0),u(1),  . ..,U(fc)},  estimate  the  most  likely  hybrid  state 
X(fc)  at  time-step  k. 

A hybrid  state  estimate  X(fc)  consists  of  a continuous  state  esti- 
mate, together  with  the  associated  mode.  We  denote  this  by  the  tuple 

x(fc)  :=  {x<i,(A:)jxt;,(fc)jP(fc)), 

where  x.c,(k)  specifies  the  mean  and  P(k)  the  covariance  for  the  con- 
tinuous state  variables  xc.  The  likelihood  of  an  estimate  x/^j  is  de- 
noted by  the  hybrid  belief-state  ft(*)[x]. 

We  perform  hybrid  estimation  as  extended  version  of  HMM-style 
belief-state  update  that  accounts  for  the  influence  of  the  continuous 
dynamics  upon  the  system’s  discrete  modes.  A major  difference  be- 
tween hybrid  estimation  and  an  HMM-style  belief-state  update,  as 
well  as  multi-model  estimation,  is,  however,  that  hybrid  estimation 
tracks  a set  of  trajectories,  whereas  standard  belief-state  update  and 
multi-model  estimation  aggregate  trajectories  which  share  the  same 
mode.  This  difference  is  reflected  in  the  first  of  the  following  two 
recursive  functions  which  define  our  hybrid  estimation  scheme: 

h(.fc)[x-i]  = PT(mi|xii(fc_1),  u d,(k-i))h(k-i)[x-A  (4) 

, r - 1 ft(»fc)[xi]Po(yc,(fc)lxi,ffc),»e,(fc)) 

h(.fc)  [x,J  denotes  an  intermediate  hybrid  belief-state,  based  on  tran- 
sition probabilities  only.  Hybrid  estimation  determines  for  each 


Xj.(fc-i)  at  the  previous  time-step  k — 1 the  possible  transitions, 
thus  specifying  candidate  successor  states  to  be  tracked.  Consecu- 
tive filtering  provides  the  new  hybrid  state  x;,^)  and  adjusts  the  hy- 
brid belief-state  h(k)  [x,]  based  on  the  hybrid  probabilistic  observa- 
tion function  Po(yc.(k)  |xi,(fc),  uc,(k))-  The  estimate  %.(*)  with  the 
highest  belief-state  h^)  [x 7 J = max,(/i(fc)  [x,;])  is  taken  as  the  hybrid 
estimate  at  time-step  k. 

Tracking  all  possible  trajectories  of  the  system  is  almost  always 
intractable  because  the  number  of  trajectories  becomes  too  large  after 
only  a few  time-steps.  In  [9]  we  present  an  approximative  anytime 
anyspace  algorithm  that  copes  with  the  exponential  growth,  as  well  as 
the  large  number  of  modes  in  a typical  concurrent  hybrid  automaton 
model. 

Hybrid  estimation  and  other  multi-model  estimation  schemes  have 
in  common  that  they  require  models  that  are  ’close’  mathematical  de- 
scriptions of  the  system.  They  can  fail  severely  whenever  unforeseen, 
i.e.  unmodeled,  situations  occur.  As  a consequence,  we  have  to  pro- 
vide models  for  all  operational  modes  as  well  as  an  exhaustive  set 
of  models  for  possible  failure  modes.  Providing  all  possible  failure 
models  can  be  problematic  even  under  the  assumption  of  an  exhaus- 
tive failure  mode  effect  analysis  (FMEA).  For  instance,  consider  an 
incipient  fault  in  a servo  valve  that  causes  the  valve  to  drift  off  its 
nominal  opening  value.  The  drift  (positive,  negative,  slow,  fast...)  is 
subject  to  the  fault.  It  is  surely  difficult  to  provide  a mathematical 
model  with  the  correct  parameter  values  that  captures  all  possible 
drift  situations.  Nor  is  it  helpful  to  introduce  a sufficiently  large  set 
of  modes  that  captures  possible  situations  of  the  drift  fault  as  this 
would  introduce  additional  complexity  for  hybrid  estimation  by  in- 
creasing the  number  of  modes  unnecessarily. 

This  requirement  of  hybrid  mode  estimation  is  in  contrast  to  dis- 
crete model-based  diagnosis  schemes,  such  as  GDE  (e.g.  [5,  6,  19]). 
Model-based  diagnosis  deduces  the  possible  mode  of  the  system 
based  on  nominal  models,  and  few  specified  fault  models  only.  The 
onset  of  possible  fault  scenarios  are  covered  by  the  so  called  un- 
known mode  which  does  not  impose  any  constraints  on  the  system’s 
variables. 

The  next  section  provides  an  approach  that  systematically  incor- 
porates the  concept  of  the  unknown  mode  into  our  hybrid  estimation 
scheme. 

3 Estimation  with  Unknown  Modes 

The  estimation  scheme  [9]  requires  a fully  specified  mode  assign- 
ment for  each  candidate  trajectory  that  is  tracked  in  the  course 

of  hybrid  estimation.  Only  a fully  specified  mode  allows  us  to  deduce 
the  mathematical  model  ( 1 ) for  the  overall  system.  This  model  is  the 
basis  for  the  dynamic  filter  (e.g.  extended  Kalman  filter)  that  is  used 
in  the  course  of  hybrid  estimation. 


Figure  2.  MIMO  filter  (e.g.  extended  Kalman  filter)  for  the  cPHA  example 

For  our  illustrative  3 component  example  introduced  above 
this  would  mean  that  hybrid  estimation  calculates  a multi-input 


multi-output  (MIMO)  filter  (see  Fig.  2)  for  mode  ~X-dt,(k)  = 

[mn,  m2i,m3i]T  based  on  the  mathematical  model  (3).  This  filter 
provides  the  hybrid  state  estimate  x,-,(fc)  as  well  as  the  value  for  the 
hybrid  probabilistic  observation  function  Fo(yc.((t)|xi,(fc),  uCj(fc)) 
for  the  hybrid  estimator  (see  Appendix  A for  the  extended  Kalman 
filter  estimation  details). 

Let  us  assume  the  mode  ~stdi  (k)  = [?,  nia,  m;u]r  which  speci- 
fies that  component  1 (Ai)  is  in  unknown  mode.  A component  in  un- 
known mode  imposes  no  constraints  (equations)  among  its  variables 
(mci  and  the  internal  variable  wc\,  in  our  case).  As  a consequence, 
we  cannot  deduce  an  overall  mathematical  model  of  the  form  ( 1)  and 
fail  to  provide  the  basis  for  the  hybrid  estimation  scheme,  the  MIMO 
filter  for  mode  xdi.(fc)  = [?,  77121,  rn.;n}T . 


Figure  3.  Example  cPHA  with  explicit  noise  inputs 


However,  a close  look  on  the  PHA  interconnection  (Fig.  3 - the 
figure  extends  Fig.  1 by  including  the  implicit  noise  inputs,  as  well 
as  indicating  the  causality  for  the  internal  I/O  variables)  reveals  that 
we  can  still  estimate  component  3 by  its  observed  output  yC2  and  the 
observation  yci  as  a substitute  for  the  value  of  its  input.  This  intuitive 
approach  utilizes  a decomposition  of  the  cPHA  as  shown  in  Fig.  4. 


Figure  4.  Decomposed  cPHA 


The  decomposition  allows  us  to  treat  the  concurrent  parts  of  the 
system  independently  and  calculate  a filter  cluster  consisting  of  2 
independent  filters.  However,  when  calculating  the  individual  filters 
for  the  cluster,  we  have  to  take  into  account  that  we  use  the  mea- 
surement of  the  input  to  the  third  component  (yai)  in  replacement  to 
its  tiue  value.  This  can  be  interpreted  as  having  additional  additive 
noise  at  the  component’s  input  as  indicated  in  Fig.  4.  The  following 
modification  of  the  covariance  matrix  Q3  for  the  state  variables  of 
As  takes  this  into  account: 

Q3  = b3ribj  + Q::i,  (6) 

where  r 1 denotes  the  variance  of  disturbance  v„i  and  b3  = [0,  1]T 


Figure  5.  Decomposed  filter 


denotes  the  input  vector6  of  As  with  respect  to  yci . 

A filter  cluster  consisting  of  extended  Kalman  filters  and  the 
MIMO  extended  Kalman  filter  are  interchangeable  as  they  provide 
the  same  expected  value  for  the  continuous  state  ( E(x.t, ))  whenever 
the  mode  of  the  automaton  is  fully  specified.  However,  the  decom- 
posed filter  has  the  advantage  that  the  probabilistic  observation  func- 
tion Po  of  the  overall  system  is  given  by 

Po  =X\Poi,  (7) 

j 

where  Poj  denotes  the  probabilistic  observation  function  of  the  j'th 
filter  in  the  filter  cluster. 

This  factorization  of  the  probabilistic  observation  function  allows 
us  to  calculate  an  upper  bound  for  Po  whenever  one  or  more  com- 
ponents of  the  system  are  in  unknown  mode.  We  simply  take  the 
product  over  the  remaining  filters  in  the  cluster.  This  is  equivalent 
with  considering  the  upper  bounds  of  the  inequalities  Poj  < 1 for 
each  unknown  filter  j.  In  our  example  with  unknown  component  Ai 
this  would  mean: 

Po  < P02, 

where  P02  denotes  the  observation  function  for  the  filter  that  esti- 
mates the  continuous  state  of  component  A3. 

The  following  subsection  provides  a graph-based  approach  for 
filer  cluster  deduction  that  grounds  the  informally  introduced  decom- 
position on  a more  versatile  basis. 

3.1  System  Decomposition  and  Filter  Cluster 
Calculation 

Starting  point  for  the  decomposition  of  the  system  for  a cPHA  mode 
x,i  is  the  set  of  equations 

Fi(xdl)(k))  U...U  Fi{xdL(k))  =:  T{-x.d),  (8) 

where  Fj  (xdj,(k) ) returns  the  appropriate  set  of  equations  for  a com- 
ponent Ai  whenever  xdj,(k)  G Xdj  or  the  empty  set  whenever  the 
component  is  in  unknown  mode,  i.e.  a ~dj.(k)  =?•  Although  we  still 
have  to  solve  the  set  of  equations  to  arrive  at  the  mathematical 
model  of  form  (1)  we  can  interpret  the  set  of  equations  (8)  as  the 

6 In  the  general  case,  we  have  to  calculate  hj  for  a cPHA  component  Aj 
and  observed  inputs  uyc  by  linearization,  more  specifically:  = 

df , / duy  A-  . where  f.;  denotes  the  right-hand  side  of 

' c?,(fc i)»  1) 

the  difference  equation  for  component  Aj,  uyc  refers  to  the  observed 
variables  that  are  used  as  inputs  to  the  component  (i.e.  uyc  C yc)  and 
xC7-,(fc_  1)  as  well  as  Ucj,(fc  1 j represent  the  state  estimate  and  the  contin- 
uous input  for  component  Aj  at  the  previous  time-step,  respectively. 


raw  model  for  the  system  given  mode  x,/.  The  following  decom- 
position performs  a structural  analysis  of  the  raw  model-based  on 
causal  analysisf  17, 20],  structural  observability  analysis[7]  and  graph 
decomposition[l], 

A cPHA  model  does  not  impose  a fixed  causal  structure  that  spec- 
ifies directionality  of  automaton  interconnections.  Causality  is  im- 
plicitly specified  by  the  set  of  equations.  This  increases  the  expres- 
siveness of  the  modeling  framework  but  requires  us  to  perform  a 
causal  analysis  of  the  raw  model  (8)  as  a first  step.  The  deduc- 
tion of  the  causal  dependencies  is  done  by  applying  the  bipartite- 
matching  based  algorithm  presented  in  [17].  The  resulting  directed 
graph  records  the  causal  dependencies  among  the  variables  of  the 
system  (Fig.  6 shows  the  graph  for  the  the  illustrative  3 PHA  ex- 
ample). Each  vertex  of  the  graph  represents  one  equation  e,  6 T 


Figure  6.  Causal  graph  for  the  cPHA  example 


or  an  exogenous  variable  specification  (e.g.  uci)  and  is  labeled  by 
its  dependent  variable  which  also  specifies  the  outgoing  edge  (in  the 
following,  we  will  use  the  variable  name  to  refer  to  the  correspond- 
ing vertex  in  the  graph).  Vertices  without  incoming  edges  specify  the 
exogenous  variables. 

Definition  4 A causal  graph  of  a cPHA  CA  at  a mode  x.d  is  a di- 
rected graph  that  records  the  causal  dependencies  among  the  vari- 
ables v 6 (J.;  x(;j  U uci  U yci  of  CA.  We  denote  the  causal  graph 
by  CG(CA,  xa)  and  sometimes  omit  arguments  where  no  confusion 
seems  likely. 

Goal  of  our  analysis  is  to  obtain  a set  of  independent  subsystems 
that  utilize  observed  variables  as  virtual  inputs.  Therefore,  we  slice 
the  graph  at  observed  variable  vertices  with  outgoing  edges,  insert  a 
new  vertex  to  represent  a virtual  input  and  re-map  the  sliced  outgo- 
ing edges  to  this  vertex.  Fig.  7 demonstrates  this  re-mapping  for  the 
causal  graph  of  Fig.  6.  The  observed  variables  are  yc  1 and  yc 2.  Only 
the  vertex  with  dependent  variable  yci  has  an  outgoing  edge,  thus  we 
slice  the  graph  at  yc  1 — > xC2  and  re-map  the  edge  to  the  virtual  input 

Mt/cl- 


Figure  7.  Remapped  causal  graph  for  the  cPHA  example 


A dynamic  filter  (e.g.  extended  Kalman  filter)  can  only  estimate 
the  observable  part  of  the  model.  Therefore,  it  is  essential  to  perform 


an  observability  analysis  prior  calculating  the  filter  so  that  non  ob- 
servable parts  of  the  model  are  excluded.  We  perform  this  analysis 
on  a structural  basis7. 

Definition  5 We  call  a variable  v of  a cPHA  CA  at  mode  x,j  struc- 
turally observable  (SO)  whenever  it  is  directly  observed,  i.e.  v € yc, 
or  there  exists  at  least  one  path  in  the  causal  graph  CG(CA,  xdl)  that 
connects  the  variable  z to  an  output  variable  yc  E yc  of  CA. 

A filter  estimates  the  state  variables  xc  of  a dynamic  system  based 
on  observations  yc  and  the  inputs  uc  that  act  upon  the  state  variables 
xc;.  The  required  knowledge  about  the  inputs  uc  indicates  that  the 
structural  observability  criteria  is  not  yet  sufficient  to  determine  the 
submodel  for  estimation.  We  have  to  make  sure,  that  no  unknown  ex- 
ogenous input  influences  a variable.  To  illustrate  this,  consider  again 
the  3 PHA  example  with  mode  xa  = [?,  m,2i,  inn}1.  Component 
1 in  unknown  mode  omits  the  equation  that  relates  the  variables  uc\ 
and  tOd . This  leads  to  a causal  graph  CG  (Fig.  8),  where  wci  is  la- 
beled as  exogenous  (no  incoming  edges).  This  unknown  exogenous 
input  influences  the  state  variable  xci  and,  as  a consequence,  pre- 
vents us  from  estimating  it! 


Figure  8.  Remapped  causal  graph  for  the  cPHA  example  with  unknown 
component  Ai 


We  extend  our  structural  analysis  of  the  causal  graph  by  the  fol- 
lowing criteria: 

Definition  6 We  call  a variable  v of  a cPHA  CA  at  mode  x(;  struc- 
turally determined  (SD)  whenever  it  is  an  input  variable  of  the  au- 
tomaton, i.e.  v E uc,  or  there  does  not  exist  a path  in  the  causal 
graph  CG(CA,Xd)  that  connects  an  exogenous  variable  ue  £ uc 
with  v. 

Furthermore,  it  is  helpful  to  eliminate  loops  in  the  causal  graph 
prior  checking  variables  against  both  structural  criteria.  For  this  pur- 
pose, we  calculate  the  strongly  connected  components  of  the  causal 
graph[l]. 

Definition  7 A strongly  connected  component  (SCC)  of  the  causal 
graph  CG  is  a maximal  set  SCC  of  variables  in  which  there  is  a path 
from  any  one  variable  in  the  set  to  another  variable  in  the  set. 

Fig.  9 shows  the  remapped  causal  graph  for  the  3 PHA  example  after 
grouping  variables  into  strongly  connected  components. 

The  strong  interconnection  among  variables  in  an  SCC  implies 
that: 

1.  Structural  observability  of  variables  in  an  SCC  follows  directly 
from  structural  observability  of  at  least  one  variable  in  the  SCC. 

7 Throughout  the  paper  we  assume  that  loss  of  observability  is  caused  by 
a structural  defect  of  the  model.  Otherwise,  it  is  necessary  to  perform  an 
additional  numerical  observability  test  [18]  as  structural  observability  only 
provides  a necessary  condition  for  observability. 


Figure  9.  Causal  SCC  graph  for  cPHA  example 


2.  A variable  in  an  SCC  is  structurally  determined,  if  and  only  if  all 
variables  in  the  SCC  are  structurally  determined. 

As  a consequence,  we  can  apply  our  structural  analysis  to  strongly 
connected  components  directly  and  operate  on  the  SCC  graph,  i.e 
a causal  graph  without  loops.  The  analysis  of  a strongly  connected 
component  with  respect  to  structural  observability  and  structural  de- 
termination (SOD)  can  be  outlined  as  follows: 


function  determine- SO D-of- SC C(SCC . u,, . k) 
when  SOD-undetermined?(SCC) 
if  exogenous l(SCC) 
then  Vi  *—  independent-var(5CC) 

if  Vi  6 uc  then  SD(SCC)  <—  True 
else  SD(SCC)  <-  False 
else  V — uplink-SCCs(SCC) 
loop  for  SCC,  in  V 

do  determine-SOD-of-SCC(5CCj,  uc,  k ) 
SO  (SCC)  <-  True 

SD  (SCC)  <-  all-uplink-SCCs-are-SD?(V) 
cluster-index(SCC)  <—  k U cluster-indices(V) 
SOD-determined(SCC)  <—  True 
return  Nil 


Our  structural  analysis  algorithm  determines  structural  observabil- 
ity and  determination  (SOD)  of  a variable  by  traversing  the  SCC 
graph  backwards  from  the  observed  variables  towards  the  inputs. 
In  the  course  of  this  analysis  we  label  non-exogenous  strongly  con- 
nected components  with  an  index  that  refers  to  their  cluster  mem- 
bership. This  indexing  scheme  allows  us  to  cluster  the  variables  into 
non-overlapping  clusters  with  respect  to  the  observed  variables.  The 
direct  relation  between  a variable,  its  determining  equation,  and  the 
cPHA  component  that  specified  this  equation  leads  to  the  compo- 
nent clusters  sought.  The  structural  analysis  can  be  summarized  as 
follows: 


function  component-clustering(C.A,  Xd) 
returns  a set  of  cPHA  component  clusters 
yc  <—  observed-vars(CA) 

CG  <—  remap-causal-graph(CC?(C.4,  xj),  yc) 
uc  <—  virtual-inputs(C(7)  U input-vars(C^l) 

CGscc  strongly-connected-component-graph(C(7) 
/c  <—  0 

loop  for  SCCi  in  output-SCCs(C<7Scc>  y<0 
do  determine-SOD-of-SCC(<SCC.;,  uc,  k) 
k <—  fc  + 1 

graph-clusters  <—  get-SOD-SSC-clusters(C<?scc) 
return  automaton-clusters(CA,  graph-clusters ) 


Figure  10.  Labeled  and  partitioned  causal  SCC  graph  for  the  3 cPHA 
example 


Figure  1 1.  BlO-Plex  plant  growth  chamber 


Each  component  cluster  defines  the  observable  and  determined 
raw  model  for  a subsystem  of  the  cPHA.  This  raw  model  can  be 
solved  symbolically  and  provides  the  nonlinear  system  of  difference 
equations  (a  model  similar  to  (1),  but  with  the  additional  virtual  in- 
puts) that  is  the  basis  for  the  corresponding  filter  in  the  filter  cluster. 
In  this  way  we  exclude  the  unobservable  and/or  undetermined  parts 
of  the  overall  system  from  estimation. 

Whenever  a state  variable  xCj  becomes  unobservable  and/or  un- 
determined (e.g.  due  to  a mode  change)  during  hybrid  estimation, 
we  hold  the  value  for  the  mean  at  its  last  known  estimate  xC3  and 
increase  its  variance  a?  = pjj  by  a constant  factor  at  each  hybrid 
estimation  step.  This  reflects  a continuously  decreasing  confidence 
in  the  estimate  xcj  and  allows  us  to  restart  estimation  whenever  the 
variable  becomes  observable  and  determined  again8. 

4 Example  - BlO-Plex 

Our  application  is  the  BlO-Plex  Test  Complex  at  NASA  Johnson 
Space  Center,  a five  chamber  facility  for  evaluating  biological  and 
physiochemical  Martian  life  support  technologies.  It  is  an  artificial, 
biosphere-type,  closed  environment,  which  must  robustly  provide  all 
the  air,  water,  and  most  of  the  food  for  a crew  of  four  without  in- 
terruption. Plants  are  grown  in  plant  growth  chambers,  where  they 
provide  food  for  the  crew,  and  convert  the  exhaled  CO2  into  O2.  In 
order  to  maintain  a closed-loop  system,  it  is  necessary  to  control  the 
resource  exchange  between  the  chambers  without  endangering  the 
crew.  For  the  scope  of  this  paper,  we  restrict  our  evaluation  to  the 
sub-system  dealing  with  CO2  control  in  the  plant  growth  chamber 
(PGC),  shown  in  Fig.  11. 

The  system  is  composed  of  several  components,  such  as  redundant 
flow  regulators  (FR1,  FR2)  that  provide  continuous  CO2  supply,  re- 
dundant pulse  injection  valves  (PIV1,  PIV2)  that  provide  a means  for 
increasing  the  CO2  concentration  rapidly,  a lighting  system  (LS)  and 
the  plant  growth  chamber  (PGC),  itself.  The  control  system  main- 
tains a plant  growth  optimal  CO2  concentration  of  1200  ppm  during 
the  day  phase  of  the  system  (20  hours/day). 

Hybrid  estimation  schemes  are  key  to  tracking  system  operational 
modes,  as  well  as,  detecting  subtle  failures  and  performing  diag- 
noses. For  example,  we  simulate  a failure  of  the  second  flow  reg- 
ulator. The  regulator  becomes  off-line  and  drifts  slowly  towards  its 
positive  limit.  This  fault  situation  is  difficult  to  capture  by  an  explicit 
fault  model  as  we  do  not  know,  in  advance,  whether  the  regulator 

8 Whenever  a state  variable  xaj  is  directly  observed  we  also  can  utilize  an 
alternative  approach  suggested  in  [15]  that  restarts  the  estimator  with  the 
observed  value,  thus  improving  the  observer  convergence  time. 


drifts  towards  its  postitive  or  negative  limit,  nor  do  we  know  the  mag- 
nitude of  the  drift.  A fault  of  this  type,  which  develops  slowly  and 
whose  symptom  is  hidden  among  the  noise  in  the  system  is  a typical 
candidate  for  our  unknown-mode  detection  capability.  However,  we 
also  provide  explicit  failure  models  that  describe  typical  situations. 
For  example,  the  PGC  has  4 plant  trays  with  one  illumination  bank 
for  each  tray.  A black  out  of  one  illumination  bank  can  be  interpreted 
as  a 25%  loss  in  light  intensity.  This  situation  can  be  modeled  explic- 
itly by  a dynamical  model  that  takes  this  reduced  light  intensity  into 
account. 

In  the  following  we  describe  the  outcome  of  a simulated  experi- 
ment where  the  flow  regulator  fault  with  drifting  symptom  is  injected 
at  time  point  k = 700  and  an  additional  light  fault,  that  harms  one 
of  the  four  illumination  banks,  is  injected  at  k = 900.  The  faults  are 
’repaired’  at  k = 1100  and  k = 1300  for  the  flow  regulator  fault  and 
the  lighting  fault,  respectively.  This  experiment  illustrates  unknown 
mode  detection  and  recovery  from  it,  nominal  failure  mode  detection, 
and  the  multiple  fault  detection  capability  of  our  approach. 


Figure  12.  BlO-Plex  cPHA  model 


The  simulated  data  is  gathered  from  the  execution  of  a refined  sub- 
set of  NASA’s  JSC’s  CONFIG  model  for  the  BlO-Plex  system[12]. 
Hybrid  estimation  utilizes  a cPHA  model  that  consists  of  6 com- 
ponents as  shown  in  Fig.  12.  To  illustrate  the  complexity  of  the 
hybrid  estimation  problem  we  should  note,  that  the  concurrent  au- 
tomaton has  approximately  56  ~ 15000  modes.  Each  mode  de- 
scribes the  dynamic  evolution  of  the  chamber  system  by  a third  or- 
der system  of  difference  equations.  For  example,  the  nominal  op- 
erational condition  for  plant  growth  is  characterized  by  the  mode 


x,i  = [mr2,  mr2,  Tnvi,  mvi,  mn,  trip?],  where  mr2  characterizes 
an  partially  open  flow  regulator,  m„ i a closed  pulse  injection  valve, 
mi2  100%  light  on,  and  mp 2 plant  growth  mode  at  1200  ppm,  re- 
spectively. This  mode  specifies  the  raw  model: 


Fi(mr2)  = {xci,(fc)  = 0.5  «ci,(fc_i),  yd  = Xci} 

F2(mr 2)  = {xC2,(fc)  = 0.5  wci,(fc-i),  yc 2 = xc2} 

F.i(m,vi)  = {wc2  = 0.0} 

F4(mvi)  = {wc3  = 0.0} 

Fs(mn)  = {woi  = 1204.0} 

Fe(mp2)  = {xc3,(fc)  = xc3,(fc_i)  + 20.163- 

[-1.516  • 10_4/l(wci,(fc_i))/2(xc3,(fc_i))+ 


Vcl,(k-1)  + 26:2, (fc-1)  + Wcl.(k-l)  + Wc2,(fc-1)]> 

VcS  = Xca}, 

(9) 


where  /1  and  /a  denotes 


/i(Wci)  :=  - 7.615  + 0.111  tUd  - 2.149  • 10-5  wh 
h(xcs)  ■=  72.0  - 78.89  e“W400-°. 

xci,(fc)  and  xc2,(k)  denote  the  gas  flow  ([g/min])  of  flow  regulator  1 
and  2,  respectively  and  xt;, <),(&)  denotes  the  CO2  gas  concentration 
([ppm])  in  the  plant  growth  chamber.  wci,(k)  and  wc2,(k)  denote  the 
gas  flow  ([g/min])  of  the  pulse  injection  valves  and  wc3>(k)  denotes 
the  photosynthetic  photon  flux  ([/r-mol/m2s])  of  the  lights  above  the 
plant  trays.  The  nonlinear  expression 


The  causal  graph  (Fig.  13)  of  the  raw  model  (9)  leads  to  the  de- 
composition of  the  system  as  shown  in  Fig.  14  (our  implementation 
of  the  causal  analysis  and  decomposition  algorithms  treats  constant 
values,  such  as  the  value  1204.0  for  the  photosynthetic  photon  flux, 
as  known  exogenous  inputs  with  constant  value).  The  decomposition 
of  the  model  leads  to  a filter  cluster  with  3 extended  Kalman  filters  - 
one  for  each  flow  regulator  and  one  for  the  remaining  system  (pulse 
injection  valves,  lighting  system  and  plant  growth  chamber).  This 
enables  us  to  estimate  the  mode  and  continuous  state  of  the  flow  reg- 
ulators independent  of  the  remaining  system.  As  a consequence,  an 
unknown  mode  in  a flow  regulator  does  not  cause  any  implications 
on  the  estimation  of  the  remaining  system. 


-1.516  • 10_ 4/l  (tUcl)(fc-  1)')f2  (xc3,(fc— !) ) 


Figure  14.  Partitioned  causal  SCC  graph  of  the  BlO-PIex  cPHA  model 


approximates  the  CO2  gas  production  [g/min]  due  to  photo- 
synthesis according  to  the  CO2  gas  concentration  and  chamber 
illumination[12].  This  raw  model  defines  a third  order  system  of 
discrete-time  difference  equations  with  sampling  period  Ts  = 1 
[min]: 

Xcl,(k)  0-5  V’cl,(k—  1)  4“ 

XC2 ,(k)  = 0.5  Ucl,(fc_l)  + Vs2,(k—  1) 
xC3  ,(k)  = xc3,(fc— 1)  + 20. 163[— 1.041+ 

1.141e  J’«s.(*)/400-0  + xt;lj(k_i)  + xC2,(jt-i)]  + tt*3,(&_i) 
!/c;l,(k)  Xc2,(fc)  4“  Vol,(k) 

Vc2  ,(k)  = Xc2,(fc)  + Vo2,(k) 

Vc2,(k)  = *c3,(fc)  4“  vo3 ,(fe)> 

(ID 


o 


Fig.  15  shows  the  continuous  input  (control  signal)  uc;i,  observed 
flow  rates  for  flow  regulator  1 and  2 and  the  CO2  concentration  for 
the  experiment.  Both  flow  regulators  provide  half  of  the  requested 
gas  injection  rate  up  to  k = 700.  At  this  time  point,  the  second  flow 
regulator  starts  to  slowly  drift  towards  its  positive  limit  which  it  will 
reach  at  approximately  fc  = 800.  The  camber  control  system  re- 
acts immediately  and  lowers  the  control  signal  in  order  to  keep  the 
CO2  concentration  at  the  requested  1200  ppm  concentration.  This 
transient  behavior  causes  a slight  bump  in  the  CO2  concentration 
as  shown  in  Fig.  15-b.  Our  hybrid  mode  estimation  system  detects 
this  unmodeled  fault  at  k = 727  and  declares  flow  regulator  2 to  be 
in  an  unknown  mode  (we  indicate  the  unknown  mode  by  the  mode 
number  0 in  Fig.  16).  The  flow  regulator  mode  stuck-open  (mr 5)  be- 

Flow  Regulator  2 Estimation  Detail 
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Figure  16.  Mode  estimate  detail  for  flow  regulator  2 


Figure  13.  Causal  graph  of  the  BlO-PIex  cPHA  raw  model  (9) 


comes  more  and  more  likely  as  the  regulator  drifts  towards  its  open 
position.  Flybrid  mode  estimation  prefers  this  mode  as  symptom  ex- 


time  [minutes]  time  [minutes] 

(a)  Control  input  uc  and  measured  CO2  input  flow  rates  (b)  COo  level  in  PGC  (measurement  - gray/green,  estimate  - 

black) 


Figure  15.  Observed  data  and  continuous  estimation  of  the  CO2  concentration  in  plant  growth  chamber 


planation  from  k = 769  onwards,  although  flow  regulator  2 goes 
into  saturation  a little  bit  later  at  k = 800. 

The  light  fault  at  k = 900  is  detected  almost  instantly  at  k = 904 
(mu).  This  good  discrimination  among  the  pre-specified  modes 
(failure  and  nominal)  is  further  demonstrated  at  the  termination 
points  of  the  faults.  Repairs  of  the  flow  regulator  2 and  the  lighting 
system  are  detected  immediately  at  k = 1101  and  k = 1301,  re- 
spectively. Fig.  17  shows  the  mode  estimation  result  for  the  lighting 
system  and  flow  regulator  2 over  the  entire  experiment  horizon. 
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Figure  17.  Mode  estimates  for  flow  regulator  2 and  lighting  system 

5 Implementation  and  Discussion 

The  implementation  of  our  hybrid  estimation  scheme  extends  previ- 
ous work  on  hybrid  estimation  [9]  and  is  written  in  Common  L1SR 


The  hybrid  estimator  uses  a cPHA  description  and  performs  decom- 
position and  estimation,  as  outlined  above.  Decomposition  is  done 
on-line  according  to  the  mode  hypotheses  that  are  tested  in  the  course 
of  hybrid  estimation.  In  general,  it  can  be  assumed  that  the  the  mode 
in  the  system  evolves  on  a lower  rate  than  the  hybrid  estimation 
rate,  which  operates  on  the  sampling  period  Ts.  Therefore,  we  cache 
recent  decompositions  and  their  corresponding  filters  for  re-use  as 
a compromise  between  a-priori  calculation  (space  complexity)  and 
pure  on-line  deduction  (time  complexity). 

Optimized  model-based  estimation  schemes,  such  as 
Livingstone[22],  utilize  conflicts  to  focus  the  underlying  search 
operation.  A conflict  is  a (partial)  mode  assignment  that  makes  a 
hypothesis  very  unlikely.  This  requires  a more  general  treatment 
of  unknown  modes  compared  to  the  filter  decomposition  task 
introduced  above.  The  decompositional  model-based  learning 
system  Moriarty[21]  introduced  continuous  variants  of  conflicts, 
so-called  dissents.  We  are  currently  reformulating  these  dissents  for 
hybrid  systems  and  investigate  their  incorporation  to  improve  the 
underlying  search  scheme.  This  will  lead  to  an  overall  framework 
that  unifies  our  previous  work  on  Livingstone,  Moriarty  and  hybrid 
estimation. 
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A Extended  Kalman  Filter 

The  disturbances  and  imprecise  knowledge  about  the  initial  state 
xc.,(o)  make  it  necessary  to  estimate  the  state  by  its  mean  xc.(fc) 
and  covariance  matrix  P(it).  We  use  an  extended  Kalman  filter[2] 
for  this  purpose,  which  updates  its  current  state,  like  an  HMM  ob- 
server, in  two  steps.  The  first  step  uses  the  model  to  predict  mean 
for  the  state  xc.(.fc)  and  its  covariance  P(.fc),  based  on  the  previous 


estimate  {xc,(fc_i)i  P(fc-i))-  and  the  control  input  uCj(fc_1): 


xc,(.fc) 

= f(xc 

,(fc-l)l  UC,(tt-l)) 

(12) 

A(;t_i) 

df 

Ox 

1 )’ue,(fc 1) 

(13) 

P (•*) 

= A (fc. 

-i)P  (fc-ijA^.^!)  + Q. 

(14) 

This  one-step  ahead  prediction  leads  to  a prediction  residual  !•(*,) 
with  covariance  matrix 


r« 

= y c.(fc)  — g(xc.(.(s),  Uc.(*:)) 

(15) 

C(fc) 

dg 

ax 

*<!,(•*)  .“e,(fc) 

(16) 

s(fc) 

— CwPwC[t)+R. 

(17) 

The  second  filter  step  calculates  the  Kalman  filter  gain  K(fc),  and 
refines  the  prediction  as  follows: 

K(fc)  = Pc^Cf^S-1,  (18) 

xc,(fc)  = Xc,(.*)  + Kwr(fc)  (19) 

P(k)  = [I  ~ K(fc)C(fc)]  P(.fc).  (20) 

The  output  of  the  extended  Kalman  filter,  as  used  in  our  hybrid  esti- 
mation system,  is  a sequence  of  mean/covariance  pairs  (x.c,(k)  , P(fc) ) 
for  x,.  as  well  as  the  hybrid  probabilistic  observation  function 

Po(y(fe)|x(fc),uc,(fe))  = e~r<'c>S(fe>r<'t)/2.  (21) 


